Reference

API reference

HTTP API surface for discovery, exporter, and auth.

telark exposes one HTTP API surface fronted by the REST package and served by the in-cluster services. Every endpoint requires an authenticated session — passkey or OIDC.

Discovery

MethodPathNotes
GET/v1/applicationsLists applications, paginated, namespace-exclusion honoured.
GET/v1/applications/{name}One application with workloads, current change cycle, and plan binding.
POST/v1/applications/{name}/syncForce-sync — pushes a marker onto the discovery stream.

Snapshots & rollback

MethodPathNotes
GET/v1/applications/{name}/snapshotsLists snapshots, newest first, retention-bounded.
GET/v1/applications/{name}/snapshots/{id}One snapshot; content-negotiated application/yaml or application/json.
POST/v1/applications/{name}/rollbackTriggers a rollback; returns a rollback record.
GET/v1/applications/{name}/rollbacks/{id}Polls a rollback to completion.

Protection plans

MethodPathNotes
GET/v1/protection-plansLists plans across the cluster.
POST/v1/protection-plansCreates a plan from a template.
PATCH/v1/protection-plans/{id}Updates plan scope, policies, or participants.
POST/v1/protection-plans/{id}/cancelCancels a running plan.
POST/v1/protection-plans/{id}/reactivateBrings a cancelled plan back.
POST/v1/protection-plans/{id}/duplicateForks a plan into a new draft.
POST/v1/protection-plans/{id}/preparePre-runs admission to surface conflicts.

Auth

MethodPathNotes
POST/v1/auth/passkey/register/beginStarts WebAuthn registration.
POST/v1/auth/passkey/register/finishCompletes registration.
POST/v1/auth/passkey/login/beginStarts a passkey login.
POST/v1/auth/passkey/login/finishCompletes the login, returns a session.
GET/v1/auth/oidc/google/startRedirects to Google OIDC.
GET/v1/auth/oidc/google/callbackOIDC callback, returns a session.
DELETE/v1/auth/sessionLogs the current session out.

For the wire-level schema of every payload, see the CRD reference and the OpenAPI document shipped alongside each service binary.